Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).

Minor layout adjustments.
2025-12-07 13:11:29 +00:00 · 2010-03-26 23:23:25 +00:00
parent 4ca1adba2c
commit 1416cd0d86
32 changed files with 791 additions and 122 deletions
--- a/lib/controller/action.py
+++ b/lib/controller/action.py
@@ -43,7 +43,7 @@ def action():

    # First of all we have to identify the back-end database management
    # system to be able to go ahead with the injection
-    conf.dbmsHandler = setHandler()
+    setHandler()

    if not conf.dbmsHandler:
        htmlParsed = getHtmlErrorFp()
@@ -166,3 +166,6 @@ def action():
    # Miscellaneous options
    if conf.cleanup:
        conf.dbmsHandler.cleanup()
+
+    if conf.direct:
+        conf.dbmsConnector.close()